IAM Roles and Permissions Required by Your AWS Sensor

The roles and permissions detailed below are required by the AWS services listed, which your AWS Sensor relies on.

During deployment, the AWS CloudFormation template provided by AT&T Cybersecurity will automatically manage and assign these as needed by your sensor.

Prerequisites (AWS service) and description (required permissions):
Amazon CloudWatch
  • "cloudwatch:Describe*"
  • "cloudwatch:Get*"
  • "cloudwatch:List*"
  • "logs:Describe*"
  • "logs:Get*"
  • "logs:TestMetricFilter*"
AWS CloudTrail
  • "cloudtrail:Describe*"
  • "cloudtrail:Get*"
  • "cloudtrail:List*"
AWS Elastic Load Balancing (ELB)
  • "elasticloadbalancing:Describe*"
Amazon Simple Storage Service (AWS S3)
  • "s3:Get*"
  • "s3:List*"
Amazon EC2
  • "ec2:Describe*"
AWS Identity and Access Management (IAM)
  • "iam:List*"
  • "iam:Get*"
Amazon GuardDuty
  • "guardduty:Get*"
  • "guardduty:List*"
Amazon Relational Database Service (RDS)
  • "rds:Describe*"
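
To confirm that a deployed sensor role grants only the permissions listed above, the following added example (not part of the vendor's CloudFormation template or tooling) audits an IAM policy document against that list. The function names and the sample policy are assumptions constructed for illustration; the check covers actions only, not Resource or Condition scoping.

```python
import fnmatch

# Action patterns copied from the permission list on this page.
DOCUMENTED = [
    "cloudwatch:Describe*", "cloudwatch:Get*", "cloudwatch:List*",
    "logs:Describe*", "logs:Get*", "logs:TestMetricFilter*",
    "cloudtrail:Describe*", "cloudtrail:Get*", "cloudtrail:List*",
    "elasticloadbalancing:Describe*",
    "s3:Get*", "s3:List*",
    "ec2:Describe*",
    "iam:List*", "iam:Get*",
    "guardduty:Get*", "guardduty:List*",
    "rds:Describe*",
]

def _as_list(value):
    # IAM JSON allows a single string or object where a list is expected.
    return value if isinstance(value, list) else [value]

def _covers(pattern, action):
    # IAM action names are case-insensitive; '*' and '?' are wildcards.
    # The action is compared as a literal string, so a broader grant
    # such as "s3:*" is NOT covered by the documented "s3:Get*".
    return fnmatch.fnmatchcase(action.lower(), pattern.lower())

def audit_policy(policy):
    """Return (extra, missing): granted actions outside the documented
    list, and documented patterns the policy does not fully grant."""
    granted = []
    for stmt in _as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements only narrow access
        if "NotAction" in stmt:
            granted.append("*")  # allow-all-except: treat as unbounded
        granted += _as_list(stmt.get("Action", []))
    extra = sorted({a for a in granted
                    if not any(_covers(d, a) for d in DOCUMENTED)})
    missing = [d for d in DOCUMENTED
               if not any(_covers(g, d) for g in granted)]
    return extra, missing

# Constructed sample policy, not taken from the vendor's template.
SAMPLE_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Resource": "*",
     "Action": ["s3:Get*", "s3:List*", "ec2:Describe*",
                "s3:PutObject", "iam:*"]}]}

if __name__ == "__main__":
    extra, missing = audit_policy(SAMPLE_POLICY)
    print("beyond documented list:", extra)
    print("documented but not granted:", missing)
```

Entries reported as beyond the documented list are write-capable or broader-than-documented grants to review; entries reported as not granted indicate the sensor may lack access it relies on.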